ObjectParameterError: Parameter "filter" to findOne() must be an object, got

Question

I try to connect my Login page with mongoose. Unfort.netly it doesn`t work. I get the error:

ObjectParameterError: Parameter "filter" to findOne() must be an object, got 637798b57bfa9d5fbede9c30

I tried to find the solution the whole day, but I can t figure it out. I t figure it out. I m also still learning coding and struggle to understand everything of it, but most I understand.

if(process.env.NODE_ENV !== "production") {
    require("dotenv").config()
}

const express = require('express')
const app = express()
const bcrypt = require('bcrypt')
const passport = require("passport")
const initializePassport = require("./passport-config")
const flash = require("express-flash")
const session = require("express-session")
const methodOverride = require("method-override")
const mongoose = require("mongoose")
const User = require("./user")

const uri = 'abc'

async function connect(){
    try{
        await mongoose.connect(uri)
        console.log("connected")
    } catch (error){
        console.error(error)
    }
}

connect();

const user = User

initializePassport(
    passport,
    email => User.find(user => user.email === email),
    _id => User.find(user => user._id === _id)
    )

app.set('view-engine', 'ejs')
app.use(express.urlencoded({extended: false}))
app.use(flash())
app.use(session({
    secret: process.env.SESSION_SECRET,
    resave: false, // We wont resave the session var if nothing is changed
    saveUninitialized: false
}))
app.use(passport.initialize())
app.use(passport.session())
app.use(methodOverride("_method"))

function initialize(passport, getUserByEmail, getUserById) {
    const authenticateUser = async (email, password, done) => {
      const user = await User.findOne({email:email});
      console.log(user);
      if (user == null) {
        return done(null, false, { message: 'No user with that email' })
      }
  
      try {
        if (await bcrypt.compare(password, user.password)) {
          return done(null, user)
        } else {
          return done(null, false, { message: 'Password incorrect' })
        }
      } catch (e) {
        return done(e)
      }
    }
  
    passport.use(new LocalStrategy({ usernameField: 'email' }, authenticateUser))
    passport.serializeUser((user, done) => done(null, user.id))
    passport.deserializeUser((id, done) => {
      return done(null, getUserById(id))
    })
  }
  
  module.exports = initialize

app.get('/', checkAuthenicated, (req, res)=> {
    res.render('index.ejs', {name: req.body.name})
})

app.get('/login', checkNotAuthenicated, (req, res)=> {
    res.render('login.ejs')
})

app.post("/login", checkNotAuthenicated, passport.authenticate("local", {
    successRedirect: "/",
    failureRedirect: "/login",
    failureFlash: true
}))

app.get('/register', checkNotAuthenicated, (req, res)=> {
    res.render('register.ejs')
})

app.post("/register", checkNotAuthenicated, async (req, res) => {
    try {
       const hashedPassword = await bcrypt.hash(req.body.password, 10)
        //users.push({
       const user = new User({
            id: Date.now().toString(),
            username: req.body.name,
            email: req.body.email,
            password: hashedPassword
        })
        user.save().then(()=> console.log("User saved"))
        console.log(user)
        res.redirect("/login")

    } catch (e){
        console.log(e);
        res.redirect("/register")
    }
})

app.delete("/logout", (req, res) =>{
    req.logOut(
        res.redirect("/login")
    )
})


function checkAuthenicated(req, res, next){
    if (req.isAuthenticated()){
        return next()
    }
    res.redirect("/login")
}

function checkNotAuthenicated(req, res, next){
    if (req.isAuthenticated()){
        return res.redirect("/")
    }
    next()
}

app.listen(3000)

const bcrypt = require('bcrypt')
const mongoose = require("mongoose")

const userShema = new mongoose.Schema({
    id: String,
    username: String,
    email: String,
    password: String
})

module.exports = mongoose.model("User", userShema)

const LocalStrategy = require('passport-local').Strategy
const bcrypt = require('bcrypt')
const User = require("./user")

function initialize(passport, getUserByEmail, getUserById) {
  const authenticateUser = async (email, password, done) => {
    const user = await User.findOne({email:email});
    console.log(user);
    if (user == null) {
      return done(null, false, { message: 'No user with that email' })
    }

    try {
      if (await bcrypt.compare(password, user.password)) {
        return done(null, user)
      } else {
        return done(null, false, { message: 'Password incorrect' })
      }
    } catch (e) {
      return done(e)
    }
  }

  passport.use(new LocalStrategy({ usernameField: 'email' }, authenticateUser))
  passport.serializeUser((User, done) => done(null, User._id))
  passport.deserializeUser(function(_id, done) {
    User.findOne(_id, function (err, User) {
      done(err, User);
    });
  });
}

module.exports = initialize

I think the problem lies somewhere in here:

  passport.use(new LocalStrategy({ usernameField: 'email' }, authenticateUser))
  passport.serializeUser((User, done) => done(null, User._id))
  passport.deserializeUser(function(_id, done) {
    User.findOne(_id, function (err, User) {
      done(err, User);
    });
  });

But I`m not sure...

Thanks very much for your help.

Answer 1

You are mixing findOne and findById

findById does not need an object but the _id . As the docs (and also the method name) explain, under the hook it find by the id, so is like to do findOne({_id: id}) .

From the docs:

findById(id) is almost* equivalent to findOne({ _id: id })

So the problem is you are trying to use simply the _id when the method expect an object to match the filter.

So you can use User.findOne({_id: _id}) or User.findById(_id)